System and method for providing transaction verification
Abstract
A transaction verification process performed by a transaction network operator in communication with a client computing device and a third party provider. A computing device may be equipped with an integrity verification module for verifying the system integrity of the computing device, and a cryptographic module for digitally signing transaction requests. The transaction network operator may verify that transaction requests processed by the third party provider are properly associated with a valid computing device by verifying signatures from the cryptographic module and the integrity verification module. In response to a request from the third party provider, the transaction network operator may verify that the computing device is authorized to complete the transaction by challenging the computing device for proper credentials. The transaction network operator may verify the credentials provided by the client device and indicate to the third party provider that the transaction is valid.
Claims
exact text as granted — not AI-modifiedThe invention claimed is:
1. A computer-implemented method to provide secure online transactions, comprising:
receiving, by a transaction network server, a set of transaction details from a service provider, the transaction details comprising at least a user identifier and identifying a transaction initiated by a client device associated with the user identifier and registered with the transaction network server;
communicating, by the transaction network server, a transaction verification message to the client device for digital signature by the client device, wherein receipt of the transaction verification message for digital signature causes a user of the client device to switch operation of the client device to a secure operating mode;
generating, by the client device, a digital signature that verifies the transaction, wherein the digital signature is generated by a cryptographic module on the client device only when the client device is operating in the secure operating mode, and wherein the digital signature is not provided to the service provider;
communicating, by the client device, to the transaction network server the digital signature that verified the transaction;
receiving, by the transaction network server, the digital signature communicated from the client device;
verifying, by the transaction network server, the digital signature used by the client device to verify the transaction by comparing the digital signature to a previously registered digital signature stored on the transaction network server and associated with the cryptographic module on the client device; and
instructing the service provider, by the transaction network server, that the secure transaction is approved in response to successful verification of the digital signature by the transaction network server.
2. The method of claim 1 , further comprising presenting the transaction details to the client device for approval prior to verifying the digital signature.
3. The method of claim 1 , wherein the digital signature comprises an integrity verification signature and a cryptographic signature.
4. The method of claim 3 , wherein the cryptographic signature is provided by a physical authentication device.
5. The method of claim 1 , wherein the client device provides a user credential along with the digital signature.
6. The method of claim 5 , wherein the user credential is a credit card number or a debit card number.
7. The method of claim 1 , further comprising notifying a user associated with the client device via a communication channel that the secure transaction has been approved.
8. A non-transitory computer readable storage medium containing instructions that, when executed by a processor, cause the processor to execute a method comprising:
receiving, from a service provider, a set of transaction details, the transaction details comprising at least a user identifier and identifying a transaction initiated by a client device associated with the user identifier and registered with a transaction network server;
communicating, to the client device, a transaction verification message for digital signature by the client device, wherein receipt of the transaction verification message for digital signature causes a user of the client device to switch operation of the client device to a secure operating mode;
generating, by the client device, a digital signature that verifies the transaction, wherein the digital signature is generated by a cryptographic module on the client device only when the client device is operating in the secure operating mode, and wherein the digital signature is not provided to the service provider;
communicating, by the client device, to the transaction network server the digital signature that verified the transaction;
receiving, by the transaction network server, from the client device, the digital signature that verified the transaction;
verifying, by the transaction network server, the digital signature used by the client device to verify the transaction by comparing the digital signature to a previously registered digital signature stored on the transaction network server and associated with the cryptographic module on the client device; and
instructing the service provider that the secure transaction is approved in response to successful verification of the digital signature by the transaction network server.
9. The computer readable storage medium of claim 8 , further comprising presenting the transaction details to the client device for approval prior to verifying the digital signature.
10. The computer readable storage medium of claim 8 , wherein the digital signature comprises an integrity verification signature and a cryptographic signature.
11. The computer readable storage medium of claim 10 , wherein the cryptographic signature is provided by a physical authentication device.
12. The computer readable storage medium of claim 8 , wherein the client device provides a user credential along with the authorization signature, the user credential being issued by a transaction network operator in response to registration of the client device with the transaction network operator.
13. The method of claim 12 , wherein the user credential is a credit card number or a debit card number.
14. The computer readable storage medium of claim 8 , further comprising notifying a user associated with the client device via a communication channel that the secure transaction has been approved.
15. A system to provide secure online transactions, comprising:
a storage device; and
a processor communicatively coupled to the storage device, wherein the processor executes application code instructions that are stored in the storage device to cause the system to:
receive a set of transaction details from a service provider, the transaction details comprising at least a user identifier and identifying a transaction initiated by a client device associated with the user identifier and registered with the transaction network server;
communicate a transaction verification message to the client device for digital signature by the client device, wherein receipt of the transaction verification message for digital signature a user of the client device to switch operation of the client device to a secure operating mode;
generate a digital signature that verifies the transaction, wherein the digital signature is generated by a cryptographic module on the client device only when the client device is operating in the secure operating mode, and wherein the digital signature is not provided to the service provider;
communicate to the transaction network server the digital signature verifying the transaction;
receive the digital signature communicated from the client device;
verify the digital signature used by the client device to verify the transaction by comparing the digital signature to a previously registered digital signature stored on the transaction network server and associated with the cryptographic module on the client device; and
instruct the service provider that the secure transaction is approved in response to successful verification of the digital signature.
16. The system of claim 15 , wherein the digital signature comprises an integrity verification signature and a cryptographic signature.
17. The system of claim 16 , wherein the cryptographic signature is provided by a physical authentication device.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.